# Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/

require 'rails_helper'

# System spec for the sign/encrypt controls of the ticket create form.
#
# It covers three setups: PGP only, S/MIME only, and both integrations
# enabled at once. For each setup it checks that the buttons are only active
# when key material exists for sender and recipient, that the created article
# records the chosen protection in `preferences['security']`, and that
# per-group defaults from the integration config are applied.
RSpec.describe 'Ticket create > Secure mailing', authenticated_as: :authenticate, type: :system do
  # Hook named in the `authenticated_as` metadata above. It evaluates the
  # context's `integration_settings` and then returns `current_user`.
  # NOTE(review): presumably this ordering makes the settings effective before
  # the browser session logs in; confirm against the authenticated_as helper.
  def authenticate
    integration_settings
    current_user
  end

  # Asserts that an element matching +selector+ is present (or absent) on the page.
  #
  # @param present [Boolean] true to require the element, false to require its absence
  # @param selector [String] CSS selector handed to Capybara
  # @param options [Hash] extra matcher options such as `text:`
  def expect_css_presence(present, selector, **options)
    expect(page).to(present ? have_css(selector, **options) : have_no_css(selector, **options))
  end

  # Both toggles show as active only after the security options check AJAX
  # call has finished, so this doubles as a synchronisation point.
  def expect_security_buttons_active
    expect(page).to have_css('div.js-securityEncrypt.btn--active')
    expect(page).to have_css('div.js-securitySign.btn--active')
  end

  # Submits the form, waits for exactly one article and opens its meta section.
  def submit_and_open_article_meta
    click '.js-submit'
    expect(page).to have_css('.ticket-article-item', count: 1)
    open_article_meta
  end

  # Verifies the outcome both in the UI (the 'Signed'/'Encrypted' labels) and in
  # the stored article. For a protection that was not requested the spec expects
  # no `success` value at all (nil) rather than false.
  #
  # @param signed [Boolean] whether the article is expected to be signed
  # @param encrypted [Boolean] whether the article is expected to be encrypted
  def expect_article_security(signed:, encrypted:)
    expect_css_presence(signed, 'span', text: 'Signed')
    expect_css_presence(encrypted, 'span', text: 'Encrypted')

    security = Ticket::Article.last.preferences['security']

    expect(security['encryption']['success']).to(encrypted ? be(true) : be_nil)
    expect(security['sign']['success']).to(signed ? be(true) : be_nil)
  end

  # Compares the tooltips that explain why encryption / signing is available.
  #
  # @param encrypt [String] expected title of the encryption comment
  # @param sign [String] expected title of the signing comment
  def expect_security_comments(encrypt:, sign:)
    expect(find('.js-securityEncryptComment')['title']).to eq(encrypt)
    expect(find('.js-securitySignComment')['title']).to eq(sign)
  end

  # Without any key material neither toggle may be active, and the article that
  # gets created must carry no sign/encrypt result.
  shared_examples 'hiding security options' do
    let!(:template) { create(:template, :dummy_data) }
    # NOTE(review): `true` presumably selects the helper's default user; confirm.
    let(:current_user) { true }

    it 'hides security options' do
      visit 'ticket/create'

      within(:active_content) do
        use_template(template)

        expect(page).to have_no_css('div.js-securityEncrypt.btn--active')
        expect(page).to have_no_css('div.js-securitySign.btn--active')

        submit_and_open_article_meta
        expect_article_security(signed: false, encrypted: false)
      end
    end
  end

  # With a sender private key and a recipient public key in place, all four
  # combinations of signing and encryption are exercised. The including context
  # supplies `system_email_address` and `recipient_email_address`.
  shared_examples 'supporting all security options' do
    let(:email_address) { create(:email_address, email: system_email_address) }
    let(:group)         { create(:group, email_address: email_address) }
    let(:agent_groups)  { [group] }
    let(:agent)         { create(:agent, groups: agent_groups) }
    let(:customer)      { create(:customer, email: recipient_email_address) }
    let(:current_user)  { agent }
    let!(:template)     { create(:template, :dummy_data, group: group, owner: agent, customer: customer) }

    it 'sends a plain article' do
      visit 'ticket/create'

      within(:active_content) do
        use_template(template)
        expect_security_buttons_active

        # Both protections start active; switch off encryption and signing.
        click '.js-securityEncrypt'
        click '.js-securitySign'

        submit_and_open_article_meta
        expect_article_security(signed: false, encrypted: false)
      end
    end

    it 'sends a signed article' do
      visit 'ticket/create'

      within(:active_content) do
        use_template(template)
        expect_security_buttons_active

        # Switch off encryption only; signing stays on.
        click '.js-securityEncrypt'

        submit_and_open_article_meta
        expect_article_security(signed: true, encrypted: false)
      end
    end

    it 'sends an encrypted article' do
      visit 'ticket/create'

      within(:active_content) do
        use_template(template)
        expect_security_buttons_active

        # Switch off signing only; encryption stays on.
        click '.js-securitySign'

        submit_and_open_article_meta
        expect_article_security(signed: false, encrypted: true)
      end
    end

    it 'sends a signed and encrypted article' do
      visit 'ticket/create'

      within(:active_content) do
        use_template(template)
        expect_security_buttons_active

        # Nothing is toggled: the article goes out with both protections.
        submit_and_open_article_meta
        expect_article_security(signed: true, encrypted: true)
      end
    end
  end

  # Per-group defaults for the two toggles. When nothing is configured for a
  # group, both signing and encryption are expected to be active; a configured
  # `false` for either one must leave that toggle inactive.
  shared_examples 'supporting group default behavior' do
    let(:email_address)      { create(:email_address, email: system_email_address) }
    let(:group)              { create(:group, email_address: email_address) }
    let(:agent_groups)       { [group] }
    let(:agent)              { create(:agent, groups: agent_groups) }
    let(:customer)           { create(:customer, email: recipient_email_address) }
    let(:current_user)       { agent }
    let!(:template)          { create(:template, :dummy_data, group: group, owner: agent, customer: customer) }
    let(:integration_config) { {} }

    # The assertion itself; the form is prepared by the including group.
    shared_examples 'security defaults example' do |sign:, encrypt:|
      it "security defaults sign: #{sign}, encrypt: #{encrypt}" do
        within(:active_content) do
          expect_css_presence(sign, '.js-securitySign.btn--active')
          expect_css_presence(encrypt, '.js-securityEncrypt.btn--active')
        end
      end
    end

    # Defaults as shown right after the template selected the group.
    shared_examples 'security defaults' do |sign:, encrypt:|
      before do
        visit 'ticket/create'

        within(:active_content) { use_template(template) }
      end

      include_examples 'security defaults example', sign: sign, encrypt: encrypt
    end

    # Defaults as shown after the agent switched to `new_group` by hand.
    shared_examples 'security defaults group change' do |sign:, encrypt:|
      before do
        visit 'ticket/create'

        within(:active_content) do
          use_template(template)
          set_tree_select_value('group_id', new_group.name)
        end
      end

      include_examples 'security defaults example', sign: sign, encrypt: encrypt
    end

    context 'when not configured' do
      it_behaves_like 'security defaults', sign: true, encrypt: true
    end

    context 'when configuration is present' do
      let(:integration_config) { { 'group_id' => group_defaults } }

      # The config is keyed by the group id as a string.
      let(:group_defaults) do
        group_key = group.id.to_s

        {
          'default_encryption' => { group_key => default_encryption },
          'default_sign'       => { group_key => default_sign },
        }
      end

      let(:default_sign)       { true }
      let(:default_encryption) { true }

      # Runs the given check against every combination of defaults covered here.
      shared_examples 'sign and encrypt variations' do |check_examples_name|
        it_behaves_like check_examples_name, sign: true, encrypt: true

        context 'when no value present' do
          let(:group_defaults) { {} }

          it_behaves_like check_examples_name, sign: true, encrypt: true
        end

        context 'when signing is disabled' do
          let(:default_sign) { false }

          it_behaves_like check_examples_name, sign: false, encrypt: true
        end

        context 'when encryption is disabled' do
          let(:default_encryption) { false }

          it_behaves_like check_examples_name, sign: true, encrypt: false
        end
      end

      context 'with the same group' do
        it_behaves_like 'sign and encrypt variations', 'security defaults'
      end

      context 'with a group change' do
        let(:new_group)    { create(:group, email_address: email_address) }
        let(:agent_groups) { [group, new_group] }

        # Only the newly selected group carries defaults in this context.
        let(:group_defaults) do
          group_key = new_group.id.to_s

          {
            'default_encryption' => { group_key => default_encryption },
            'default_sign'       => { group_key => default_sign },
          }
        end

        it_behaves_like 'sign and encrypt variations', 'security defaults group change'
      end
    end
  end

  context 'with PGP integration' do
    let(:integration_settings) do
      Setting.set('pgp_integration', true)

      # Not every including group defines `integration_config`, hence the guard.
      if defined?(integration_config)
        Setting.set('pgp_config', integration_config)
      end
    end

    context 'with no key present' do
      it_behaves_like 'hiding security options'
    end

    context 'with recipient public key and sender private key present' do
      let(:system_email_address)    { 'pgp1@example.com' }
      let(:recipient_email_address) { 'pgp2@example.com' }

      # Only the sending side gets a private key.
      before do
        create(:'pgp_key/pgp1@example.com', :with_private)
        create(:'pgp_key/pgp2@example.com')
      end

      it_behaves_like 'supporting all security options'
      it_behaves_like 'supporting group default behavior'
    end
  end

  context 'with S/MIME integration' do
    let(:integration_settings) do
      Setting.set('smime_integration', true)

      # Not every including group defines `integration_config`, hence the guard.
      if defined?(integration_config)
        Setting.set('smime_config', integration_config)
      end
    end

    context 'with no certificate nor key present' do
      it_behaves_like 'hiding security options'
    end

    context 'with recipient public certificate and sender private key present' do
      let(:system_email_address)    { 'smime1@example.com' }
      let(:recipient_email_address) { 'smime2@example.com' }

      # Only the sending side gets a private key.
      before do
        create(:smime_certificate, :with_private, fixture: system_email_address)
        create(:smime_certificate, fixture: recipient_email_address)
      end

      it_behaves_like 'supporting all security options'
      it_behaves_like 'supporting group default behavior'
    end
  end

  context 'with both PGP and S/MIME integration' do
    let(:integration_settings) do
      Setting.set('pgp_integration', true)
      Setting.set('smime_integration', true)
    end

    # With both integrations on, the form offers a PGP / S/MIME switcher.
    shared_examples 'showing security type switcher' do
      let!(:template) { create(:template, :dummy_data) }
      # NOTE(review): `true` presumably selects the helper's default user; confirm.
      let(:current_user) { true }

      it 'shows security type switcher' do
        visit 'ticket/create'

        within(:active_content) do
          use_template(template)

          expect(page).to have_css('.btn', text: 'PGP')
          expect(page).to have_css('.btn.btn--active', text: 'S/MIME') # preferred
        end
      end
    end

    context 'with no certificates nor keys present' do
      it_behaves_like 'showing security type switcher'
    end

    context 'with certificates and keys present' do
      let(:system_email_address)    { 'pgp+smime-sender@example.com' }
      let(:recipient_email_address) { 'pgp+smime-recipient@example.com' }

      let(:current_user)  { agent }
      let!(:template)     { create(:template, :dummy_data, group: group, owner: agent, customer: customer) }
      let(:email_address) { create(:email_address, email: system_email_address) }
      let(:group)         { create(:group, email_address: email_address) }
      let(:agent_groups)  { [group] }
      let(:agent)         { create(:agent, groups: agent_groups) }
      let(:customer)      { create(:customer, email: recipient_email_address) }

      # Key material for both mechanisms; only the sender gets private keys.
      before do
        create(:'pgp_key/pgp+smime-sender@example.com', :with_private)
        create(:'pgp_key/pgp+smime-recipient@example.com')
        create(:smime_certificate, :with_private, fixture: system_email_address)
        create(:smime_certificate, fixture: recipient_email_address)
      end

      # Switching the type must re-run the availability check and update the
      # active type button as well as both explanatory tooltips.
      shared_examples 'switching between security types' do
        it 'switches between security types' do
          within(:active_content) do
            click '.btn', text: 'PGP'
            expect_security_buttons_active

            expect(page).to have_css('.btn.btn--active', text: 'PGP')
            expect(page).to have_no_css('.btn.btn--active', text: 'S/MIME')
            expect_security_comments(
              encrypt: 'The PGP keys for pgp+smime-recipient@example.com were found.',
              sign:    'The PGP key for pgp+smime-sender@example.com was found.',
            )

            click '.btn', text: 'S/MIME'
            expect_security_buttons_active

            expect(page).to have_no_css('.btn.btn--active', text: 'PGP')
            expect(page).to have_css('.btn.btn--active', text: 'S/MIME')
            expect_security_comments(
              encrypt: 'The certificates for pgp+smime-recipient@example.com were found.',
              sign:    'The certificate for pgp+smime-sender@example.com was found.',
            )
          end
        end
      end

      it_behaves_like 'showing security type switcher'

      context 'when customer selection is based on template' do
        before do
          visit 'ticket/create'

          within(:active_content) { use_template(template) }
        end

        it_behaves_like 'switching between security types'
      end

      context 'when customer selection is based on manual selection' do
        # Picks the customer through the recipient autocomplete instead of a template.
        before do
          visit 'ticket/create'

          within(:active_content) do
            click '.tab', text: 'Send Email'
            find('[name=customer_id_completion]').fill_in with: customer.firstname
            find("li.recipientList-entry.js-object[data-object-id='#{customer.id}']").click
          end
        end

        it_behaves_like 'switching between security types'
      end
    end
  end
end